Cozmoslabs Profile Builder Pro
5 CVEs affecting Cozmoslabs Profile Builder Pro. Latest disclosed: 2026-05-02. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-27413 | Critical | 9.3 | 2026-03-19 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Profile Builder Pro allows Blind SQL Injection… |
CVE-2024-22140 | High | 8.8 | 2024-01-31 | Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0. |
CVE-2026-7647 | High | 8.1 | 2026-05-02 | The Profile Builder Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to and including 3.14.5. This is due to the use of PHP's… |
CVE-2024-22142 | High | 7.1 | 2024-01-13 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozmoslabs Profile Builder Pro allows Reflected XSS.This… |
CVE-2024-22141 | Medium | 6.5 | 2024-01-24 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a thr… |